Tomcat-users.xml is file not updated after Upgrade

Technote (troubleshooting)

Problem(Abstract)

Attempts to create new users after an upgrade of IBM Rational Team Concert (RTC) results in the tomcat-users.xml file not being updated with the new user information.

Symptom

Although new users are successfully added to RTC through the User Administration console, the user information is not written to the tomcat-users.xml file. The account will continue to work until the server is restarted. After a restart the user will no longer be able to log in and will receive an Invalid user ID or password error.

Viewing their account in user administration will return this error

This user was not found in the directory service. This user will not be able to login unless they have an account in the directory service.ID CRJAZ1532I

Cause

There was a change to the default behavior for writing to the tomcat-users.xml file between Tomcat 5.5, included with RTC 3.0.1.x and earlier, and Tomcat 7, included with RTC 4.0 and later.

In Tomcat 5.5 the default behavior was to allow writing to the tomcat-users.xml file. In Tomcat 7, the default behavior is to disallow writing to the tomcat-users.xml file, and requires the server to be explicitly configured to allow this behavior. Although the server.xml file included with 4.0 includes the correct setting the upgrade procedure copies the old configuration file over the new one and does not include this setting.

Environment

Upgrade from Rational Team Concert 3.0.1.x and earlier to Rational Team Concert 4.0 or later.

Tomcat Application server 7.0 using Tomcat as the User Registry

Diagnosing the problem

The stderr log located in JazzInstallDir\server\tomcat\logs will contain the following error after user creation

org.apache.catalina.users.MemoryUserDatabase save
SEVERE: User database has been configured to be read only. Changes cannot be saved

Resolving the problem

To resolve this behavior, you will need to enable writing to the tomcat-users.xml file:

Open the following file: ..<JazzInstallDir>\server\tomcat\conf\server.xml

Search for the UserDatabase Resource, as shown below:<Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml" />

Add the following line to the UserDatabase Resource configuration:readonly="false"

Manually add the missing users to tomcat-users.xml<user username="new-user" password="temp-password" fullName="User Name" roles="JazzUsers"/>Note the plain text temporary password will not work until reset in step 6.

Restart Tomcat.

Reset the user's password from the user's profile under User Administration. The new password will be a random set of characters which will be emailed to the user

Leverage the Jazz Community

Jazz and Rational Team Concert have an active community that can provide you with additional resources. Browse and contribute to the User forums, contribute to the Team Blog and review the Team wiki. Refer to technote 1319600 for details and links.